package com.shopmall.controller;

import com.shopmall.pojo.Admin;
import com.shopmall.service.AdminServiceImpl;
import com.shopmall.service.AdminUserServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.thymeleaf.util.StringUtils;

import javax.servlet.http.HttpSession;
import java.util.Collection;

@Controller
public class LoginController {

    @Autowired
    private AdminServiceImpl adminService;

    @Autowired
    AdminUserServiceImpl adminUserService;

//    @RequestMapping("/login")
//    public String login(){
//        return "/login";
//    }

    //未加入Spring security 时的自定义登录处理
    @RequestMapping("/login_do")
    public String login(
            @RequestParam("username") String username,
            @RequestParam("password") String password,
            Model model, HttpSession session) {

        if (!StringUtils.isEmpty(username)) {
            Admin admin = adminService.queryAdminByUsername(username); //从数据库中找是否有此用户名的记录
            if (admin != null) {
                if((admin.getPassword()).equals(password)) {
                    if(admin.getState()==2) {
                        model.addAttribute("msg", "对不起，您的账号处于冻结状态，暂时无法登录系统，请联系相关人员进行处理！");
                        return "login";
                    }

                    else {
                        UserDetails admin_real = adminUserService.loadUserByUsername(username);
                        model.addAttribute("msg", username + "欢迎登录系统！");
                        session.setAttribute("admin", admin);
                        SecurityContextHolder.getContext().getAuthentication().getPrincipal();
                        return "home";  //这些return的字符串都是，视图名字
                    }
                }
                else{
                    model.addAttribute("msg","用户名或密码错误！");
                    return "login";
                }
            }
            else {
                model.addAttribute("msg","用户名或密码错误！");
                return "login";
            }
        }
        else {
            model.addAttribute("msg","登录失败！用户名不能为空！");
            return "login";
        }
    }



    //未登录异常处理
//    public class NoLoginException extends Exception{
//        private static final long serialVersionUID =1L;
//        public NoLoginException(){
//            super();
//        }
//
//        public NoLoginException(String message){
//            super(message);
//        }
//    }
//
//    @ModelAttribute
//    public void login_check(HttpSession session) throws NoLoginException{
//        if(session.getAttribute("admin")==null)
//            throw new NoLoginException("没有权限，请先登录！");
//    }
}

